Sonic 代码问题漏洞

Sonic is a go-sonic open source high performance blogging system developed using golang. A code issue vulnerability exists in Sonic 1.1.4 and earlier versions, which stems from the incorrect operation of the parameter uri in the FetchTheme function in the Theme Fetching API component file...

PPress 安全漏洞

PPress is a Python-based blogging CMS system by the individual developer yandaozi. A security vulnerability exists in PPress version 0.0.9, which stems from hard-coded credentials included in the default configuration...

Blog 安全漏洞

Blog is a personal blogging system by Xuzijia Individual Developers in China. A security vulnerability exists in Blog version 3.0.1-SNAPSHOT, which stems from an authentication bypass that could lead to unauthorized access to the API...

Rafed CMS 安全漏洞

Rafed CMS is a blogging system from Rafed Inc. A security vulnerability exists in Rafed CMS version 1.44, which stems from a cross-site scripting vulnerability that could allow an attacker to execute arbitrary web script or HTML via a specially crafted payload...

PPress 安全漏洞

PPress is a Python based blogging CMS system developed by yandaozi. A security vulnerability exists in PPress version 0.0.9, which stems from a stored cross-site scripting vulnerability in related recommendations, which allows remote attackers to execute arbitrary code...

Anchor Cross-Site Scripting Vulnerability

Anchor is an open source lightweight blogging system. A cross-site scripting vulnerability exists in Anchor version v.0.12.7, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via a crafted .pdf file...

halo 跨站脚本漏洞

Halo is a personal blogging system for individual developers. A cross-site scripting vulnerability exists in halo v1.6.0, which stems from the application's susceptibility to cross-site scripting attacks...

Anchor 安全漏洞

Anchor is an open source lightweight blogging system. A security vulnerability exists in Anchor version v0.12.7, which stems from a cross-site request forgery CSRF in /anchor/admin/categories/delete/2...

Bolo Code Issue Vulnerability

Bolo is a Java-based pineapple blogging system, simple and easy to deploy, exquisite theme, intimate service, designed for programmers. A security vulnerability exists in Bolo v.2.6, which stems from a file upload issue...

ZrLog Cross-Site Scripting Vulnerability (CNVD-2023-54438)

ZrLog is a blogging system developed using the Java language. A cross-site scripting XSS vulnerability exists in ZrLog version 2.1.3. An attacker can exploit this vulnerability to execute arbitrary code via the nickname parameter of the /post/addComment function...

DjangoBlog 跨站脚本漏洞

DjangoBlog is a blogging system based on Django. DjangoBlog suffers from a cross-site scripting vulnerability that stems from the use of Markdown comments leading to XSS...

Halo 代码问题漏洞

Halo is a personal blogging system for individual developers. A security vulnerability exists in Halo v1.6.1 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted .md files...

FlatPress 跨站脚本漏洞

FlatPress is a Php-based blogging system from the FlatPress community that does not require database support. A cross-site scripting vulnerability exists in FlatPress, which stems from a problem with an unknown part of the admin/panels/entry/admin.entry.list.php file in the Admin Area component...

SENS 跨站脚本漏洞

SENS is an enterprise blogging system by saysky individual developer. A cross-site scripting vulnerability exists in SENS v1.0, which stems from vulnerability to cross-site scripting XSS attacks...

SENS 安全漏洞

SENS is an enterprise level blogging system by saysky individual developer. A security vulnerability exists in SENS v1.0, which stems from the presence of an incorrect access control vulnerability...

Unspecified vulnerability in halo (CNVD-2022-25189)

Halo is a personal blogging system for individual developers. A security vulnerability exists in Halo 1.4.14, which stems from the fact that the function point for uploading an avatar can upload any file, such as uploading an HTML file. No details of the vulnerability are provided at this time...

Halo 跨站脚本漏洞

Halo is a personal blogging system for individual developers. Halo suffers from a cross-site scripting vulnerability that originates in Halo, versions v1.0.0 through v1.4.17 latest are susceptible to cross-site scripting XSS stored in the title of a post, which can be exploited by an attacker to...

Anchor Cross-Site Scripting Vulnerability (CNVD-2021-103514)

Anchor is an open source lightweight blogging system. Anchor is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to upload headers and content containing malicious code via the post bar...

Z-BlogPHP arbitrary file deletion vulnerability

Z-BlogPHP is an open source PHP-based blogging system from the Z-blog community.Z-BlogPHP is vulnerable to an arbitrary file deletion vulnerability that stems from the inclusion of an arbitrary file deletion vulnerability via appdel.php. No detailed vulnerability details are currently available...

Blog_mini Cross-Site Scripting Vulnerability (CNVD-2021-67502)

Blogmini is an open source blogging system that is vulnerable to a cross-site scripting vulnerability in Blog mini v1.0. An attacker could use this vulnerability to execute arbitrary code via the "Manage Submitted Posts" component...